Adware.Gexin.8178

Technical information

Malicious functions:

Executes code of the following detected threats:

Adware.Gexin.2.origin

Accesses the ITelephony private interface.

Network activity:

Connects to:

UDP(DNS) <Google DNS>
TCP(HTTP/1.1) log.renre####.com:80
TCP(HTTP/1.1) reso####.msg.gl####.####.net:80
TCP(TLS/1.0) sc.shanyis####.com:443
TCP(TLS/1.0) app####.renre####.com:443
TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
TCP(TLS/1.0) api.renre####.com:443
TCP(TLS/1.0) log.renre####.com:443
TCP(TLS/1.0) appver####.renre####.com:443
TCP(TLS/1.0) regi####.xm####.gl####.####.com:443
TCP app.c####.gl####.####.net:5222

DNS requests:

api.renre####.com
app####.renre####.com
app.c####.gl####.####.net
appver####.renre####.com
log.renre####.com
plb####.u####.com
regi####.xm####.gl####.####.com
reso####.msg.gl####.####.net
sc.shanyis####.com
u####.u####.com

HTTP GET requests:

reso####.msg.gl####.####.net/gslb/?ver=4.0&type=wap&conpt=dvidpodv >>4>...

HTTP POST requests:

log.renre####.com/index.php?c=####&m=####

File system changes:

Creates the following files:

/data/data/####/.imprint
/data/data/####/.jg.ic
/data/data/####/.tpns.settings.xml.xml
/data/data/####/.xml
/data/data/####/Alvin2.xml
/data/data/####/Carapp.db-journal
/data/data/####/ContextData.xml
/data/data/####/MultiDex.lock
/data/data/####/RRCCrashStore.xml
/data/data/####/SP_AROUTER_CACHE.xml
/data/data/####/XMPushServiceConfig.xml
/data/data/####/_default_renrenche_cache_file_name.xml
/data/data/####/abtest_cache_data.0.tmp
/data/data/####/com.renrenche.android.agent.v1_com.renrenche.carapp.xml
/data/data/####/com.renrenche.carapp.xml
/data/data/####/com.renrenche.carapp;pushservice
/data/data/####/com.renrenche.carapp_preferences.xml
/data/data/####/com.sensorsdata.analytics.android.sdk.SensorsDataAPI.xml
/data/data/####/connect.xml
/data/data/####/controlInfo.ini
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDI4MzAx;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDIzNzk5;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDM1NzQ4;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDQzMjUz;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDUxMzIw;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDYwMjAw;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDcxNDMy;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQ4ODU5MDgyNjg1;
/data/data/####/exchangeIdentity.json
/data/data/####/exid.dat
/data/data/####/geofencing.db
/data/data/####/geofencing.db-journal
/data/data/####/i==1.2.0&&5.7.0_1548859023940_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859028305_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859035793_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859043278_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859051345_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859060237_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859071448_envelope.log
/data/data/####/i==1.2.0&&5.7.0_1548859082697_envelope.log
/data/data/####/info.xml
/data/data/####/installed_1548859024127.info
/data/data/####/installed_1548859024168.info
/data/data/####/installed_1548859024263.info
/data/data/####/installed_1548859030028.info
/data/data/####/installed_1548859030178.info
/data/data/####/installed_1548859030924.info
/data/data/####/installed_1548859038990.info
/data/data/####/installed_1548859039181.info
/data/data/####/installed_1548859039839.info
/data/data/####/installed_1548859044983.info
/data/data/####/installed_1548859045509.info
/data/data/####/installed_1548859047457.info
/data/data/####/installed_1548859052824.info
/data/data/####/installed_1548859053432.info
/data/data/####/installed_1548859055511.info
/data/data/####/installed_1548859066222.info
/data/data/####/installed_1548859067579.info
/data/data/####/installed_1548859068239.info
/data/data/####/installed_1548859073072.info
/data/data/####/installed_1548859074708.info
/data/data/####/installed_1548859076202.info
/data/data/####/installed_1548859084440.info
/data/data/####/installed_1548859086447.info
/data/data/####/installed_1548859087168.info
/data/data/####/journal.tmp
/data/data/####/libjiagu-826918854.so
/data/data/####/log.db
/data/data/####/log.db-journal
/data/data/####/mipush.xml
/data/data/####/mipush_account.xml
/data/data/####/mipush_extra.xml
/data/data/####/mipush_oc.xml
/data/data/####/mipush_region
/data/data/####/mipush_region.lock
/data/data/####/multidex.version.xml
/data/data/####/pref_registered_pkg_names.xml
/data/data/####/response_server_time.xml
/data/data/####/rrc_carapp_conf.xml
/data/data/####/rrc_user.xml
/data/data/####/search_hot_words.0.tmp
/data/data/####/sensorsdata-journal
/data/data/####/sensorsdata.xml
/data/data/####/sp.db-journal
/data/data/####/sp_client_report_status.xml
/data/data/####/sync.xml
/data/data/####/ua.db
/data/data/####/ua.db-journal
/data/data/####/um_pri.xml
/data/data/####/umdat.xml
/data/data/####/umeng_common_config.xml
/data/data/####/umeng_common_location.xml
/data/data/####/umeng_general_config.xml
/data/data/####/umeng_it.cache
/data/data/####/webview.db-journal
/data/data/####/webviewCookiesChromium.db-journal
/data/media/####/.a.dat
/data/media/####/.adfwe.dat
/data/media/####/.cca.dat
/data/media/####/.nomedia
/data/media/####/.umm.dat
/data/media/####/0026751cb14ad3d834f4ca690d75da70.0.tmp
/data/media/####/0026751cb14ad3d834f4ca690d75da70.1.tmp
/data/media/####/0120518db89a7b4881b59e5a35f55d86.0.tmp
/data/media/####/0120518db89a7b4881b59e5a35f55d86.1.tmp
/data/media/####/0209f61f7ecab1d2d0c76451bce705f8.0.tmp
/data/media/####/0209f61f7ecab1d2d0c76451bce705f8.1.tmp
/data/media/####/032d47c37d8c096f53f094604f651c45.0.tmp
/data/media/####/032d47c37d8c096f53f094604f651c45.1.tmp
/data/media/####/0436b6aee03be2838461aa12a2e7f8ef.0.tmp
/data/media/####/0436b6aee03be2838461aa12a2e7f8ef.1.tmp
/data/media/####/054d402366c27245cfee9f0e6c9c11eb.0.tmp
/data/media/####/054d402366c27245cfee9f0e6c9c11eb.1.tmp
/data/media/####/062cd26ab17483ff966a063837407e93.0.tmp
/data/media/####/062cd26ab17483ff966a063837407e93.1.tmp
/data/media/####/06e26e7ce2de8f46744eb922bbeecbfa.0.tmp
/data/media/####/06e26e7ce2de8f46744eb922bbeecbfa.1.tmp
/data/media/####/06e69ae4edd2efdfea6c8b4276852e19.0.tmp
/data/media/####/06e69ae4edd2efdfea6c8b4276852e19.1.tmp
/data/media/####/0753a323fbd999d0dd30ce6959277e22.0.tmp
/data/media/####/0753a323fbd999d0dd30ce6959277e22.1.tmp
/data/media/####/07790a75280300678f7c3cc36ad1934b.0.tmp
/data/media/####/07790a75280300678f7c3cc36ad1934b.1.tmp
/data/media/####/07a31849ad916377b1d4a8f7e0e67f3f.0.tmp
/data/media/####/07a31849ad916377b1d4a8f7e0e67f3f.1.tmp
/data/media/####/0b7a3a407c0311373aefc2848e1b8b86.0.tmp
/data/media/####/0b7a3a407c0311373aefc2848e1b8b86.1.tmp
/data/media/####/0d19e26ef57fe455bb0cdaa1026645dd.0.tmp
/data/media/####/0d19e26ef57fe455bb0cdaa1026645dd.1.tmp
/data/media/####/0f14493d870035a9dc6cfcbfdde8e85f.0.tmp
/data/media/####/0f14493d870035a9dc6cfcbfdde8e85f.1.tmp
/data/media/####/0fc6ff24b9722ad4531af54c41e19913.0.tmp
/data/media/####/0fc6ff24b9722ad4531af54c41e19913.1.tmp
/data/media/####/10103d7f48ab5ff9ba10657c6d30824e.0.tmp
/data/media/####/10103d7f48ab5ff9ba10657c6d30824e.1.tmp
/data/media/####/139b1b531ed1c7dbbf6ba2b95bbb8f9f.0.tmp
/data/media/####/139b1b531ed1c7dbbf6ba2b95bbb8f9f.1.tmp
/data/media/####/13d49ddd8fe5fa096f9f7f4cb94465df.0.tmp
/data/media/####/13d49ddd8fe5fa096f9f7f4cb94465df.1.tmp
/data/media/####/17ae84362e3d3166ea0086cd1c8c51ee.0.tmp
/data/media/####/17ae84362e3d3166ea0086cd1c8c51ee.1.tmp
/data/media/####/1a69c0ae605dd3c53c875ca54a132355.0.tmp
/data/media/####/1a69c0ae605dd3c53c875ca54a132355.1.tmp
/data/media/####/1b71b28ad01b798a1bd1dbe8b9c747e2.0.tmp
/data/media/####/1b71b28ad01b798a1bd1dbe8b9c747e2.1.tmp
/data/media/####/1e46f4507c4b9c9b37a475e94bd811b8.0.tmp
/data/media/####/1e46f4507c4b9c9b37a475e94bd811b8.1.tmp
/data/media/####/215d617e1ac89c0293d8a42921e05643.0.tmp
/data/media/####/215d617e1ac89c0293d8a42921e05643.1.tmp
/data/media/####/23299d5aabd220110f8e400aa92d8237.0.tmp
/data/media/####/23299d5aabd220110f8e400aa92d8237.1.tmp
/data/media/####/240660eefc5768b405e1071fd49ce22d.0.tmp
/data/media/####/240660eefc5768b405e1071fd49ce22d.1.tmp
/data/media/####/24b079906a155aee65397ce714ac9aee.0.tmp
/data/media/####/24b079906a155aee65397ce714ac9aee.1.tmp
/data/media/####/2859110c0a0e65a5120583a2d89c777b.0.tmp
/data/media/####/2859110c0a0e65a5120583a2d89c777b.1.tmp
/data/media/####/2986e2b55a2ccdeee2fe13bdc424084a.0.tmp
/data/media/####/2986e2b55a2ccdeee2fe13bdc424084a.1.tmp
/data/media/####/2a174d39392887504168f5456c40718c.0.tmp
/data/media/####/2a174d39392887504168f5456c40718c.1.tmp
/data/media/####/2a8c5db298718b4ce531b1044d245950.0.tmp
/data/media/####/2a8c5db298718b4ce531b1044d245950.1.tmp
/data/media/####/2c88fe972868cbe7a475dff76cfe57be.0.tmp
/data/media/####/2c88fe972868cbe7a475dff76cfe57be.1.tmp
/data/media/####/2f2227f737d60c5b04260f9e1ce25abb.0.tmp
/data/media/####/2f2227f737d60c5b04260f9e1ce25abb.1.tmp
/data/media/####/2fd7a4d9baaac2cb09080b2290f1da6f.0.tmp
/data/media/####/2fd7a4d9baaac2cb09080b2290f1da6f.1.tmp
/data/media/####/306619e22364ab2863534882834409f2.0.tmp
/data/media/####/306619e22364ab2863534882834409f2.1.tmp
/data/media/####/32f5b009aa9cc641933603135eca722c.0.tmp
/data/media/####/32f5b009aa9cc641933603135eca722c.1.tmp
/data/media/####/3446c3786bbcfe14072cab274f86b3f6.0.tmp
/data/media/####/3446c3786bbcfe14072cab274f86b3f6.1.tmp
/data/media/####/38fbb5628da90c67f360a506ea784b96.0.tmp
/data/media/####/38fbb5628da90c67f360a506ea784b96.1.tmp
/data/media/####/39610bb17a220cffe8f1abf15042c04d.0.tmp
/data/media/####/39610bb17a220cffe8f1abf15042c04d.1.tmp
/data/media/####/39fc0e504a8af2454b58d88a4a1f5dde.0.tmp
/data/media/####/39fc0e504a8af2454b58d88a4a1f5dde.1.tmp
/data/media/####/3b08bab1200856d3300bf0ccb1c4ec5c.0.tmp
/data/media/####/3b08bab1200856d3300bf0ccb1c4ec5c.1.tmp
/data/media/####/3cfbfa13c9e7461d4750ccea7c646480.0.tmp
/data/media/####/3cfbfa13c9e7461d4750ccea7c646480.1.tmp
/data/media/####/3fa81f0083401e8f9f3ede58bd127d8c.0.tmp
/data/media/####/3fa81f0083401e8f9f3ede58bd127d8c.1.tmp
/data/media/####/4208baca428bcf606f629b103287c5c4.0.tmp
/data/media/####/4208baca428bcf606f629b103287c5c4.1.tmp
/data/media/####/4541b5e607b2bbdf065116d44a2f7277.0.tmp
/data/media/####/4541b5e607b2bbdf065116d44a2f7277.1.tmp
/data/media/####/4cadf2819eb7ab282ae7db37c8767813.0.tmp
/data/media/####/4cadf2819eb7ab282ae7db37c8767813.1.tmp
/data/media/####/4da6f9bea9aff8f96c1d3918e7ad09df.0.tmp
/data/media/####/4da6f9bea9aff8f96c1d3918e7ad09df.1.tmp
/data/media/####/4e1d2c6c818fce7cbacafe59e94fd9ac.0.tmp
/data/media/####/4e1d2c6c818fce7cbacafe59e94fd9ac.1.tmp
/data/media/####/4f6731e95a3ce4e41dbf5f05fffb0cf8.0.tmp
/data/media/####/4f6731e95a3ce4e41dbf5f05fffb0cf8.1.tmp
/data/media/####/515ccedf18ed6fcf26cec773f7c2cd48.0.tmp
/data/media/####/515ccedf18ed6fcf26cec773f7c2cd48.1.tmp
/data/media/####/5214127be747d60ac36b3b589e4f4aa9.0.tmp
/data/media/####/5214127be747d60ac36b3b589e4f4aa9.1.tmp
/data/media/####/524daa3b7b25ed0ac288e0363c91dbc4.0.tmp
/data/media/####/524daa3b7b25ed0ac288e0363c91dbc4.1.tmp
/data/media/####/5383023efa262e141db796b5df03981b.0.tmp
/data/media/####/5383023efa262e141db796b5df03981b.1.tmp
/data/media/####/5488666b134bbbb8cec0663eb9dc5c8a.0.tmp
/data/media/####/5488666b134bbbb8cec0663eb9dc5c8a.1.tmp
/data/media/####/54c7ab59fa070d01acf9d2a7d0ecbb4c.0.tmp
/data/media/####/54c7ab59fa070d01acf9d2a7d0ecbb4c.1.tmp
/data/media/####/55dfb42470d033ebde1915a255b7548f.0.tmp
/data/media/####/55dfb42470d033ebde1915a255b7548f.1.tmp
/data/media/####/56f761e03bc72ebc51ad1b4b39475120.0.tmp
/data/media/####/56f761e03bc72ebc51ad1b4b39475120.1.tmp
/data/media/####/5a32694d12e223ca3eb7ea2c86f7bd73.0.tmp
/data/media/####/5a32694d12e223ca3eb7ea2c86f7bd73.1.tmp
/data/media/####/5b8813265aced728a037ae2e3dc11611.0.tmp
/data/media/####/5b8813265aced728a037ae2e3dc11611.1.tmp
/data/media/####/5cbe3e6c8560c5df667d7a10b668e787.0.tmp
/data/media/####/5cbe3e6c8560c5df667d7a10b668e787.1.tmp
/data/media/####/5d0f9cee0ea81b75115c305f309dbf93.0.tmp
/data/media/####/5d0f9cee0ea81b75115c305f309dbf93.1.tmp
/data/media/####/5ecda31e3f7bced82b5b3cd980ddfbea.0.tmp
/data/media/####/5ecda31e3f7bced82b5b3cd980ddfbea.1.tmp
/data/media/####/624d852b89a4fb739a84d480debf8014.0.tmp
/data/media/####/624d852b89a4fb739a84d480debf8014.1.tmp
/data/media/####/64bbf8128447782934caf538b406691c.0.tmp
/data/media/####/64bbf8128447782934caf538b406691c.1.tmp
/data/media/####/64f1447c0e6ca7fe133468612f22f03c.0.tmp
/data/media/####/64f1447c0e6ca7fe133468612f22f03c.1.tmp
/data/media/####/66e58b3a4d3b81603351f9263aa66630.0.tmp
/data/media/####/66e58b3a4d3b81603351f9263aa66630.1.tmp
/data/media/####/6aef3d63bc781e8e646257b44304e1b5.0.tmp
/data/media/####/6aef3d63bc781e8e646257b44304e1b5.1.tmp
/data/media/####/6b8e32f92b2491b1cff00897f7a27a80.0.tmp
/data/media/####/6b8e32f92b2491b1cff00897f7a27a80.1.tmp
/data/media/####/6cc7ec0775bb6171d13afa7a2ae7debe.0.tmp
/data/media/####/6cc7ec0775bb6171d13afa7a2ae7debe.1.tmp
/data/media/####/6f6518b1feed5acd6ffd162e71c92e2f.0.tmp
/data/media/####/6f6518b1feed5acd6ffd162e71c92e2f.1.tmp
/data/media/####/73f2b08bb9d700867707fe30eb532ed9.0.tmp
/data/media/####/73f2b08bb9d700867707fe30eb532ed9.1.tmp
/data/media/####/74a9b83b8eb1abb6402745757f724759.0.tmp
/data/media/####/74a9b83b8eb1abb6402745757f724759.1.tmp
/data/media/####/75e1d85d3530dabc7759fbbab2e890b9.0.tmp
/data/media/####/75e1d85d3530dabc7759fbbab2e890b9.1.tmp
/data/media/####/7ac4e4d416d1ac23f0e080d5a786e3f3.0.tmp
/data/media/####/7ac4e4d416d1ac23f0e080d5a786e3f3.1.tmp
/data/media/####/7c90cfa01742a89338e39086c79a3b99.0.tmp
/data/media/####/7c90cfa01742a89338e39086c79a3b99.1.tmp
/data/media/####/7f1cd9f03bc07c40809d1ddaba3472b0.0.tmp
/data/media/####/7f1cd9f03bc07c40809d1ddaba3472b0.1.tmp
/data/media/####/83f9ebd9a934b5af696ccbfd29401090.0.tmp
/data/media/####/83f9ebd9a934b5af696ccbfd29401090.1.tmp
/data/media/####/871dbb5359355cd5f6c7cfba77405565.0.tmp
/data/media/####/871dbb5359355cd5f6c7cfba77405565.1.tmp
/data/media/####/873e42b93d68ef09977ce4be68d87e1e.0.tmp
/data/media/####/873e42b93d68ef09977ce4be68d87e1e.1.tmp
/data/media/####/879c40f69e026954a878ba74607775e6.0.tmp
/data/media/####/879c40f69e026954a878ba74607775e6.1.tmp
/data/media/####/8b19ebe18f9efae4c02ba3fd4c4cde73.0.tmp
/data/media/####/8b19ebe18f9efae4c02ba3fd4c4cde73.1.tmp
/data/media/####/8cd3f010da481217e52e52f560853956.0.tmp
/data/media/####/8cd3f010da481217e52e52f560853956.1.tmp
/data/media/####/8db9fac2fde5b6210c382e78be19ae3a.0.tmp
/data/media/####/8db9fac2fde5b6210c382e78be19ae3a.1.tmp
/data/media/####/904543ac6f4456c30a8744e452422676.0.tmp
/data/media/####/904543ac6f4456c30a8744e452422676.1.tmp
/data/media/####/937847a4ecb0fe47f54a5ccbe4b1e01b.0.tmp
/data/media/####/937847a4ecb0fe47f54a5ccbe4b1e01b.1.tmp
/data/media/####/93fc92c02d52074c9d3c0948e56b26a6.0.tmp
/data/media/####/93fc92c02d52074c9d3c0948e56b26a6.1.tmp
/data/media/####/970dbc6e1c8840bf8d3b795920cbbff6.0.tmp
/data/media/####/970dbc6e1c8840bf8d3b795920cbbff6.1.tmp
/data/media/####/9783034283b617dd86b2aafeda2b410e.0.tmp
/data/media/####/9783034283b617dd86b2aafeda2b410e.1.tmp
/data/media/####/99a655409e3e5633b5ce4cb9c551d0c5.0.tmp
/data/media/####/99a655409e3e5633b5ce4cb9c551d0c5.1.tmp
/data/media/####/99bd422be3f4dc427f8c7682617b468d.0.tmp
/data/media/####/99bd422be3f4dc427f8c7682617b468d.1.tmp
/data/media/####/9b138b17b55867677952ed48ac8ee850.0.tmp
/data/media/####/9b138b17b55867677952ed48ac8ee850.1.tmp
/data/media/####/9bc5e48e4c86ae0593cfc434ff272739.0.tmp
/data/media/####/9bc5e48e4c86ae0593cfc434ff272739.1.tmp
/data/media/####/9cefa948d273bfcd907a3ac6b537b871.0.tmp
/data/media/####/9cefa948d273bfcd907a3ac6b537b871.1.tmp
/data/media/####/9e2b18bfb184879f3d9957ef4a86d0fa.0.tmp
/data/media/####/9e2b18bfb184879f3d9957ef4a86d0fa.1.tmp
/data/media/####/9fdbc5a5d9fc79c8ff84746bf47f7752.0.tmp
/data/media/####/9fdbc5a5d9fc79c8ff84746bf47f7752.1.tmp
/data/media/####/9fdeb040a5681bd50af480179f447884.0.tmp
/data/media/####/9fdeb040a5681bd50af480179f447884.1.tmp
/data/media/####/9fdeeb85749d18a0f597d16f3977dc5c.0.tmp
/data/media/####/9fdeeb85749d18a0f597d16f3977dc5c.1.tmp
/data/media/####/Alvin2.xml
/data/media/####/ContextData.xml
/data/media/####/a374c43e725ecf9c4fdc446fb96ea4dc.0.tmp
/data/media/####/a374c43e725ecf9c4fdc446fb96ea4dc.1.tmp
/data/media/####/a5d4d5645f80b3e4c66ba05b3cf317f8.0.tmp
/data/media/####/a5d4d5645f80b3e4c66ba05b3cf317f8.1.tmp
/data/media/####/ab965a570d454ddf6f4b3c2d98c8739a.0.tmp
/data/media/####/ab965a570d454ddf6f4b3c2d98c8739a.1.tmp
/data/media/####/aca95926e7ed820fd4e6d6779d64894b.0.tmp
/data/media/####/aca95926e7ed820fd4e6d6779d64894b.1.tmp
/data/media/####/ad3a8537e2b284000eaf41d928b39e40.0.tmp
/data/media/####/ad3a8537e2b284000eaf41d928b39e40.1.tmp
/data/media/####/adc9d2754cdc3f642f4960717d636840.0.tmp
/data/media/####/adc9d2754cdc3f642f4960717d636840.1.tmp
/data/media/####/af14f3f63bfc7f8ff26366d57987d9d3.0.tmp
/data/media/####/af14f3f63bfc7f8ff26366d57987d9d3.1.tmp
/data/media/####/b01d9c4714060dd492712fce1d6d5019.0.tmp
/data/media/####/b01d9c4714060dd492712fce1d6d5019.1.tmp
/data/media/####/b042f067b955f8ef492e1796c1668795.0.tmp
/data/media/####/b042f067b955f8ef492e1796c1668795.1.tmp
/data/media/####/b5bb4a9407549a008a4b7290423835a3.0.tmp
/data/media/####/b5bb4a9407549a008a4b7290423835a3.1.tmp
/data/media/####/b5bd40fbe504d8162689a111fd758916.0.tmp
/data/media/####/b5bd40fbe504d8162689a111fd758916.1.tmp
/data/media/####/baa5c5011b5b3305e67fd62d40bffd52.0.tmp
/data/media/####/baa5c5011b5b3305e67fd62d40bffd52.1.tmp
/data/media/####/bb05fe5ddf633bf6daaec41b1937e97e.0.tmp
/data/media/####/bb05fe5ddf633bf6daaec41b1937e97e.1.tmp
/data/media/####/bb14e7bc35b77188e911ca7a207bc78f.0.tmp
/data/media/####/bb14e7bc35b77188e911ca7a207bc78f.1.tmp
/data/media/####/bbd95b5cd5cf177f5f3d1beea46628ae.0.tmp
/data/media/####/bbd95b5cd5cf177f5f3d1beea46628ae.1.tmp
/data/media/####/bc73d56286b5dc46c8af64a00eb952a6.0.tmp
/data/media/####/bc73d56286b5dc46c8af64a00eb952a6.1.tmp
/data/media/####/bf8b3213be00724561a1b0c880178362.0.tmp
/data/media/####/bf8b3213be00724561a1b0c880178362.1.tmp
/data/media/####/bfd48946b24c83bdb88f8b09f58bf13d.0.tmp
/data/media/####/bfd48946b24c83bdb88f8b09f58bf13d.1.tmp
/data/media/####/c1362f463f084542d1ef93a9c3f491d0.0.tmp
/data/media/####/c1362f463f084542d1ef93a9c3f491d0.1.tmp
/data/media/####/c3df89625949ea78ab1ab8d1a0736a9c.0.tmp
/data/media/####/c3df89625949ea78ab1ab8d1a0736a9c.1.tmp
/data/media/####/c432c73e731ae5d862612eebce800a91.0.tmp
/data/media/####/c432c73e731ae5d862612eebce800a91.1.tmp
/data/media/####/c4d9996d9fbb9d653faeade121bd4ca0.0.tmp
/data/media/####/c4d9996d9fbb9d653faeade121bd4ca0.1.tmp
/data/media/####/c6a43270e8305d9e7cee721ae7c65b25.0.tmp
/data/media/####/c6a43270e8305d9e7cee721ae7c65b25.1.tmp
/data/media/####/cb7c3971f02f428e7057e1e4f9c36ad3.0.tmp
/data/media/####/cb7c3971f02f428e7057e1e4f9c36ad3.1.tmp
/data/media/####/d098769939fd44ee673e635a3602cc88.0.tmp
/data/media/####/d098769939fd44ee673e635a3602cc88.1.tmp
/data/media/####/d10a5635bf41cc471dbcefa0de79fdac.0.tmp
/data/media/####/d10a5635bf41cc471dbcefa0de79fdac.1.tmp
/data/media/####/d2fc7e6a7a391d8ee97fd8cc6ec2e51b.0.tmp
/data/media/####/d2fc7e6a7a391d8ee97fd8cc6ec2e51b.1.tmp
/data/media/####/d3567cbd77b2e7f2fd25347d1f8461d9.0.tmp
/data/media/####/d3567cbd77b2e7f2fd25347d1f8461d9.1.tmp
/data/media/####/d4218e51a32ce5f9a62eb3f46bffa87d.0.tmp
/data/media/####/d4218e51a32ce5f9a62eb3f46bffa87d.1.tmp
/data/media/####/d4696cac82be5ce08b63c8cb0b9e5110.0.tmp
/data/media/####/d4696cac82be5ce08b63c8cb0b9e5110.1.tmp
/data/media/####/d7e962ad7bcaf8b469ec97f5aa0ad67d.0.tmp
/data/media/####/d7e962ad7bcaf8b469ec97f5aa0ad67d.1.tmp
/data/media/####/d9f8521e56c7635144e9e4014f31a2b1.0.tmp
/data/media/####/d9f8521e56c7635144e9e4014f31a2b1.1.tmp
/data/media/####/dc1192395a6e113157ad45be232a6fad.0.tmp
/data/media/####/dc1192395a6e113157ad45be232a6fad.1.tmp
/data/media/####/dc1c13c1aa35a13cd5e2721aff623436.0.tmp
/data/media/####/dc1c13c1aa35a13cd5e2721aff623436.1.tmp
/data/media/####/dcff24ac5e9431b8d5a70a352ab852dd.0.tmp
/data/media/####/dcff24ac5e9431b8d5a70a352ab852dd.1.tmp
/data/media/####/dfbc70ca865572e18c5f24cc891ed668.0.tmp
/data/media/####/dfbc70ca865572e18c5f24cc891ed668.1.tmp
/data/media/####/e05bc46ecb86573944eddeb6092bc4c5.0.tmp
/data/media/####/e05bc46ecb86573944eddeb6092bc4c5.1.tmp
/data/media/####/e0e349d0aa5656dae48eb5c8bb7e2c32.0.tmp
/data/media/####/e0e349d0aa5656dae48eb5c8bb7e2c32.1.tmp
/data/media/####/e2b016b6d9a075ba385e5c0212893993.0.tmp
/data/media/####/e2b016b6d9a075ba385e5c0212893993.1.tmp
/data/media/####/e3ddf14327643f3448393233d7a522ee.0.tmp
/data/media/####/e3ddf14327643f3448393233d7a522ee.1.tmp
/data/media/####/e43dff45c5a333029148a30a8681f00c.0.tmp
/data/media/####/e43dff45c5a333029148a30a8681f00c.1.tmp
/data/media/####/e63acf97d832ede9a79bfc5be5f970fc.0.tmp
/data/media/####/e63acf97d832ede9a79bfc5be5f970fc.1.tmp
/data/media/####/e76b9af42e2908abd8b2dbd501442914.0.tmp
/data/media/####/e76b9af42e2908abd8b2dbd501442914.1.tmp
/data/media/####/e7af9fa62de895a45b0ecdfa9356c107.0.tmp
/data/media/####/e7af9fa62de895a45b0ecdfa9356c107.1.tmp
/data/media/####/e865f0bcdf685cb3ba2241dff733fd24.0.tmp
/data/media/####/e865f0bcdf685cb3ba2241dff733fd24.1.tmp
/data/media/####/e933b6dbc25392a4fd56ba46ce826b28.0.tmp
/data/media/####/e933b6dbc25392a4fd56ba46ce826b28.1.tmp
/data/media/####/e99ab60346976886a281cfd00f80f579.0.tmp
/data/media/####/e99ab60346976886a281cfd00f80f579.1.tmp
/data/media/####/ed8a70d2fca340a336c7036fdce4be29.0.tmp
/data/media/####/ed8a70d2fca340a336c7036fdce4be29.1.tmp
/data/media/####/edc3a8297982579af7f8209be13a7728.0.tmp
/data/media/####/edc3a8297982579af7f8209be13a7728.1.tmp
/data/media/####/f0063710aa922b1983ad80111435e85f.0.tmp
/data/media/####/f0063710aa922b1983ad80111435e85f.1.tmp
/data/media/####/f3db3bb3b57eac759e7c5850d7db1826.0.tmp
/data/media/####/f3db3bb3b57eac759e7c5850d7db1826.1.tmp
/data/media/####/f59366a80b3f776efc181eca5be50682.0.tmp
/data/media/####/f59366a80b3f776efc181eca5be50682.1.tmp
/data/media/####/fa096dd72cd25bddf9b12f49bf78f744.0.tmp
/data/media/####/fa096dd72cd25bddf9b12f49bf78f744.1.tmp
/data/media/####/fc694ab51d90701e4af07b561d62c818.0.tmp
/data/media/####/fc694ab51d90701e4af07b561d62c818.1.tmp
/data/media/####/fdc2733451c7a3066596e1f8c2a3de1c.0.tmp
/data/media/####/fdc2733451c7a3066596e1f8c2a3de1c.1.tmp
/data/media/####/fee25e56984ccad36cc805da27eed4a1.0.tmp
/data/media/####/fee25e56984ccad36cc805da27eed4a1.1.tmp
/data/media/####/journal
/data/media/####/journal.tmp
/data/media/####/log.lock
/data/media/####/log1.txt
/data/media/####/sysid.dat

Miscellaneous:

Executes the following shell scripts:

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
cat /sys/class/net/wlan0/address
getprop ro.build.display.id
getprop ro.build.version.emui
getprop ro.miui.ui.version.name
getprop ro.rom.different.version
getprop ro.vivo.os.name
ls /sys/class/thermal

Loads the following dynamic libraries:

libjiagu-826918854
tpnsSecurity

Uses the following algorithms to encrypt data:

AES-CBC-PKCS5Padding
AES-CBC-PKCS7Padding
DES-CBC-PKCS5Padding

Uses the following algorithms to decrypt data:

AES-CBC-PKCS5Padding
AES-CBC-PKCS7Padding

Uses special library to hide executable bytecode.

Gets information about location.

Gets information about network.

Gets information about phone status (number, IMEI, etc.).

Gets information about installed apps.

Gets information about accounts associated with the device (Google, Facebook, etc.).

Adds tasks to the system scheduler.

Displays its own windows over windows of other apps.

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

Technical information

Curing recommendations

Free trial